Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

In Auto setup, when IsUninitialized, response http status code 503 #16834

Open
wants to merge 34 commits into
base: main
Choose a base branch
from

Conversation

infofromca
Copy link
Contributor

Fixes #16833

@hishamco hishamco requested a review from gvkries October 4, 2024 16:16
@hishamco
Copy link
Member

hishamco commented Oct 4, 2024

A unit of functional test will be a plus

@hishamco hishamco requested a review from Piedone October 5, 2024 22:37
@Piedone
Copy link
Member

Piedone commented Oct 6, 2024

How do you test this?

}
}
}

httpContext.Response.Redirect(pathBase);

return;
}
else
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This would prevent the error message from being displayed to the user. Like server-side validation or database creation error.

Even if you still decide to keep 503 as the code.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@gvkries gvkries changed the title In Auto setup, when IsUninitialized, response http status code 409 In Auto setup, when IsUninitialized, response http status code 503 Oct 10, 2024
@Piedone
Copy link
Member

Piedone commented Oct 11, 2024

So @infofromca, how do you test this?

@Piedone
Copy link
Member

Piedone commented Oct 14, 2024

@infofromca When you're done addressing all feedback of a review, click "Re-request review" in the top-right corner for each reviewer when you're ready for another round of review, so they know that you're done.

Also, I'm still waiting for your reply on how one can test this.

@infofromca
Copy link
Contributor Author

@Piedone for your reply on how one can test this, please see the unit test

@Piedone
Copy link
Member

Piedone commented Oct 14, 2024

I'm talking about trying it out manually. How can I try this out and make sure that it works? How did you do this during development?

@infofromca
Copy link
Contributor Author

I think a new read.me will be required. Let me find the time for it, will have vacation in near future

@infofromca
Copy link
Contributor Author

infofromca commented Oct 29, 2024

@Piedone : I just tested it manually. there was a DI error which I just corrected.
After I uncommented "OrchardCore_AutoSetup" on appsetting.json, it run well and I could login in to the admin panel.--good.
then , I made the code to return (setupContext, false); inside SetupTenantAsync of AutoSetupService, it gave 503 and the message as The AutoSetup failed installing the site 'AutoSetup Example' with errors: . For errors: . , because I did not put the errors string inside SetupTenantAsync actually. --- It seems as we expected.
屏幕截图 2024-10-29 113043

Copy link
Member

@Piedone Piedone left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.


await httpContext.Response.WriteAsync($"The AutoSetup failed installing the site '{_setupOptions.SiteName}' with errors: {stringBuilder}.");
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You shouldn't write error messages to the response directly. For instance here the SiteName is user input and could contain XSS. I believe it was only logged before. If we want to keep doing it then we don't need the tuple as a return type.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sebastienros : Committed new one of shouldn't write error messages to the response directly

@hishamco
Copy link
Member

@sebastienros do you have anything else to add or we can merge, I think this PR takes much time :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

In Auto setup, when IsUninitialized, response http status code 409
4 participants